Analysis
max time kernel: 120s
max time network: 121s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 27-06-2024 17:29
Behavioral task: behavioral1
Sample: Built.exe
Resource: win7-20240221-en
General
Target: Built.exe
Size: 7.4MB
MD5: 66438a23be0dac1106efbca725c7be11
SHA1: ab4f676bdf217b71e1b9aa1a41f4df0959930482
SHA256: 05d9aa0b53f7c998d325e3439319c85d1056dc9643fa2406599010fac741444b
SHA512: cb783151b16649eb08882e329b10e36202e4303031f827507f03350474ede4b0a02c16a44716dcb625658cac9a3f9c2a63e919528a9aacf295991a9dba9e985e
SSDEEP: 196608:1Y8PiLjv+bhqNVoB0SEsucQZ41JBbIM11t5:W8PGL+9qz80SJHQK1Jx1v5
Malware Config
Signatures
Loads dropped DLL 1 IoCs
Processes:
Built.exe
pid: 2720, process: Built.exe
Processes:
resource: C:\Users\Admin\AppData\Local\Temp\_MEI17402\python311.dll, yara_rule: upx
resource: behavioral1/memory/2720-23-0x000007FEF5F00000-0x000007FEF64EE000-memory.dmp, yara_rule: upx
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
Built.exe
description: PID 1740 wrote to memory of 2720, pid: 1740, process: Built.exe, target process: Built.exe
description: PID 1740 wrote to memory of 2720, pid: 1740, process: Built.exe, target process: Built.exe
description: PID 1740 wrote to memory of 2720, pid: 1740, process: Built.exe, target process: Built.exe
Downloads
Filesize: 1.6MB
MD5: 76eb1ad615ba6600ce747bf1acde6679
SHA1: d3e1318077217372653be3947635b93df68156a4
SHA256: 30be871735591ad96bc3fc7e541cdef474366159c2f7443feb30739cbd2db7e1
SHA512: 2b960e74dd73f61d6a44fef0de9f2d50bcf2ec856b7aa5b97f0107e3cdadea461790760668a67db2ecaf71ff323133ee39ce2b38aafff3629c14e736d6a64aeb